Date: Wed, 18 Jan 2012 23:05:24 +0400 From: Andrey Chernov <ache@FreeBSD.ORG> To: src-committers@FreeBSD.ORG, svn-src-all@FreeBSD.ORG, svn-src-head@FreeBSD.ORG Subject: Re: svn commit: r230230 - head/sys/dev/random Message-ID: <20120118190524.GA9847@vniz.net> In-Reply-To: <20120118175440.GA365@zim.MIT.EDU> References: <201201162018.q0GKIADK050161@svn.freebsd.org> <20120118061943.GA80874@vniz.net> <20120118175440.GA365@zim.MIT.EDU>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jan 18, 2012 at 12:54:40PM -0500, David Schultz wrote: > It appears to reseed arc4random's state exactly once, at whatever > unpredictable time devrandom decides to reseed itself. Are you As fast as possible, immediatelly when we have enough good entropy. > trying to fix the problems that arise if random.ko is loaded too > late in the boot process? There is only _initial_ seeding security problem with arc4rand() and not only when random.ko is not loaded, but when it is loaded too and don't harvest enough entropy yet. All late stages don't have security problem because arc4rand() periodically reseeds itself from yarrow when ARC4_RESEED_SECONDS is expired. About random.ko loading itself, this is separate question and I already express opinion to make random.ko not optional but required kernel module. -- http://ache.vniz.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120118190524.GA9847>